]> git.sesse.net Git - vlc/commit
projects / vlc / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4037189) | patch
Real: fix heap buffer overflow (CVE-2010-3907)
authorRémi Denis-Courmont <remi@remlab.net>
Tue, 14 Dec 2010 22:08:59 +0000 (00:08 +0200)
committerRémi Denis-Courmont <remi@remlab.net>
Wed, 29 Dec 2010 18:12:39 +0000 (20:12 +0200)
commit6568965770f906d34d4aef83237842a5376adb55
treefca44532b31b226d482a9b6dc0a6fae94d9a69bctree | snapshot
parent403718957b551c3c27546b7f82b2ae9ba937652fcommit | diff
Real: fix heap buffer overflow (CVE-2010-3907)

Malformatted files may have a zero i_subpackets value. In this case,
we cannot use the array, but we still have to free it (calloc(0)).

This should fix LP#690173.

Reported-by: Dan Rosenberg <drosenberg@vsecurity.com>
modules/demux/real.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.